3 Replies Latest reply on Nov 21, 2016 9:04 AM by Jim Wilson

    Full user guide for CIS compliance content in BSA 8.9 ?

    Yanick Girouard

      Other than this page Configuring properties for Compliance Content templates - BMC Server Automation 8.9 is there a more complete user guide that explains how to properly use the ooto templates and jobs? A lot of the properties described in the above link don't really tell us much other that a general description.

       

      Is there a step by step guide somewhere on how to properly use, review and manage the CIS compliance content? I see a lot of stuff to configure, but not much info regarding what each properly is used for (which rules) or what it should be set to for it to work in our environment.

       

      I should add that the doc seems outdated, several details are incorrect and don't reflect what I'm seeing in 8.9 when I import the CIS content, notably the info about the properties to configure...

        • 1. Re: Full user guide for CIS compliance content in BSA 8.9 ?
          Jim Wilson

          I'm not aware of anything except for the CIS Benchmarks themselves, which the templates attempt to implement.

           

          Please add comments to the docs pages for any discrepancies that you have noticed.

           

          If you have specific questions, we can try to answer them for you (and the get the docs updated accordingly).

          • 2. Re: Full user guide for CIS compliance content in BSA 8.9 ?
            Yanick Girouard

            Hi Jim Wilson, I have already commented on the docs page about the discrepancies, but my question was more general. I would like to see a document explaining every template/custom class properties for CIS and which rule(s) they affect in the templates (and which OS template they apply to). If we are to use the BMC-provided templates for CIS compliance, we need to have a proper guide on how to use them and configure them so we know they are reporting the right compliance status for each server. The currently available online doc is more of a general description of the templates and properties, and doesn't really help other than to tell us that it's not that simple to use. It would be a real clerk job to dig through all the compliance rule definitions to see which property is used for what rule(s), but that's essentially what I would have to do to find out otherwise; open each rule one by one and note down all the occurrences of a class or local property, and then try to understand the logic of the rule to document how the different values will affect the results, for each template. I really hoped I wouldn't have to do that.

            • 3. Re: Full user guide for CIS compliance content in BSA 8.9 ?
              Jim Wilson

              Thanks Yanick - I see that Yechezkel from the Doc Writers team has responded that he will do a thorough review